Add support for local login

fabric8-services / fabric8-auth

Identity and Access Management for fabric8 services

https://auth.openshift.io/api/status

Apache License 2.0

14 stars 26 forks source link

Add support for local login #584

Open hemanik opened 6 years ago

hemanik commented 6 years ago

Expected behavior

In the case of local setup, the user should be able to login with a local Oauth server instead of keycloak. With the login workflow as described below:

UI calls Auth
Auth responds to UI with a url as a 307
UI asks user to login by redirecting to the url returned above.
The local oauth server calls Auth with /code=XYZ
( behind the scene ) Auth calls the local oauth server to get a token by presenting the code
Auth responds to the local oauth server with a 307 and location=localhost:3000?token=XYZ
The local oauth sends the user to localhost:3000?token=XYZ

sbose78 commented 6 years ago

In order of preference

Explore an option of 'mock' oauth server that could be run locally with minimal config --> zero code change on login side.
If (1) doesn't work out, run a keycloak remotely with a public client to provide login via github. --> zero code change on login side.
Make code changes on login side to not depend on the identity provider to return a JWT. This has long term benefits - but in the short term, i will try to avoid making any code changes.

xcoulon commented 6 years ago

The code for @hemanik's standalone OAuth service is at https://github.com/fabric8-services/go-oauth2-jwt

xcoulon commented 6 years ago

Moving to backlog as priority is lower for now.

sbryzak commented 5 years ago

Still a low priority as of Jan 2019